So we had this problem: several of our Windows 2008 R2 file servers were running full, and due to technical issues (old hardware) replacing the disks became VERY expensive.

So, alternatives. I started to think – hey, let's create an “iSCSI drive” on a remote datacenter server and mount the iSCSI drive into the directory structure as a mount point named “Archive” or something.  Now users could put “old” archival data here, thus removing it from the server while it is still available – clever 😀  A few issues crept up however: when creating an iSCSI target on a Windows 2008 R2 server this is “terminated” as a VHD file, which proved annoying (e.g. for backup etc). Besides, a friend of mine pointed out that they had tried something similar once – sadly, if connectivity was sketchy this could cause the file server to hang as it was unable to connect to the iSCSI target.

My friend however pointed out that he had had success with using “Links”. Right – I have heard of these junction points and symbolic links, but never really found any real good use for them.  But it turns out you can create a symbolic link from the directory structure on one server, pointing to a share on a different server.

So e.g. O:\ could have a lot of directories, however we also make a symbolic link there named “Archive” – if you now perform a dir you will find all the subdirectories, however you will also find O:\Archive, which looks just like a directory (the icon gets a screwy arrow but that's all). However it’s not; it is instead a “pointer” to a share on a different server (this share we can easily back up and maintain).

So the command to use is;

MKLINK /D <NAME> \\<SERVERNAME>\Sharename

e.g. MKLINK /D HyperVisor5 \\SECRETSERVER\aarhus

HyperVisor5 is the name the directory will get locally, the /D indicates it is a directory symbolic link, and the link will point to \\SECRETSERVER\aarhus (aarhus is the share name on the SECRETSERVER).

Ohh that was easy you say, yeah – well – it did not work 🙁

[Screenshot: the error message]

When a workstation attempted to access a mapped drive (eg. O:\Archive) it would get the above error.

A bit of googling led to;
https://blogs.msdn.microsoft.com/junfeng/2012/05/07/the-symbolic-link-cannot-be-followed-because-its-type-is-disabled/

And the solution was simple enough, you need to execute this command on the workstation that has the problem;

[Screenshot: the command]

(the command above the yellow one shows the state of your computer)

And now your workstation can browse the directory (which is actually a pointer to a share on a different server) just like it was on the local server.

This should also be controllable via Group Policy, however I have not had the chance to test it yet;

https://technet.microsoft.com/en-us/library/5c7ffdb9-7066-4bdf-bc7d-eded8db2ce82
The symlink evaluation settings can also be controlled via Group Policy. Go to Computer Configuration > Administrative Templates > System > Filesystem and configure “Selectively allow the evaluation of a symbolic link”.
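
As an added example (not from the original post, whose command survives only as a screenshot): the four symlink evaluation classes are queried and set with fsutil. A link on a mapped drive that points to a share on another server is the remote-to-remote (R2R) class, so the script assumes R2R is the class to enable and that fsutil prints its English messages.

```powershell
# Added example; run from an elevated PowerShell prompt on the affected workstation.
# Assumption: English fsutil output ("Remote to remote symbolic links are disabled.").
function Get-SymlinkEvaluation {
    $state = @{}
    foreach ($line in (fsutil behavior query SymlinkEvaluation)) {
        if ($line -match '^(Local|Remote) to (local|remote) symbolic links are (enabled|disabled)') {
            # Build the fsutil class name: L2L, L2R, R2L or R2R
            $class = ('{0}2{1}' -f $Matches[1].Substring(0, 1), $Matches[2].Substring(0, 1)).ToUpper()
            $state[$class] = ($Matches[3] -eq 'enabled')
        }
    }
    return $state
}

$before = Get-SymlinkEvaluation
if (-not $before.ContainsKey('R2R')) { throw 'Could not parse fsutil output' }

# O:\Archive is a link stored on one server (the mapped drive) that targets a
# share on another server: remote-to-remote. Enable that class only.
if (-not $before['R2R']) {
    fsutil behavior set SymlinkEvaluation R2R:1 | Out-Null
}

$after = Get-SymlinkEvaluation
'L2L', 'L2R', 'R2L', 'R2R' | ForEach-Object {
    '{0}: {1} -> {2}' -f $_, $before[$_], $after[$_]
}

# R2L lets a link on a remote share resolve to a path on the local disk;
# nothing in this setup needs it, so flag it if it is on.
if ($after['R2L']) {
    Write-Warning 'R2L is enabled; this scenario only needs R2R.'
}
```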

 

 

Debugging Microsoft DirectAccess can be a pain; Microsoft however did release a utility to make this a little easier..

Microsoft Windows DirectAccess Client Troubleshooting Tool
http://www.microsoft.com/en-us/download/details.aspx?id=41938

Be sure to click the “enable debug mode” before scanning to get all the juicy details.

Imagine this, you are a technician that often needs to configure/re-configure Cisco devices – this means you have to carry with you a laptop and the blue Cisco cable to configure those darn devices..

Well that was then, this is now 🙂  Now all you need is this cable, your iPhone and an App..  Clever indeed 😀

http://techotrack.com/archives/4806

Ps. Should you need an RJ11 connector that is also an option;
http://www.engadget.com/2010/02/12/redpark-announces-serial-and-rj-11-cables-for-iphone-ipod-touch/

These days Internet security is more important than ever, would it not be neat if you could run all your Internet traffic through a big filter to filter out all those nasty viruses, malware and privacy concerns!?   Well, if you happen to have an old PC lying around or, as I have, a server running MS Hyper-V, then you actually can, fairly simply (and free)..

Ok, you may have heard about such solutions as Smoothwall, m0n0wall and others like them?  These are basically routers/firewalls, and could with a PC (and two NICs) replace your broadband router; they contain complex firewall capabilities and maybe even VPN connection possibilities.  All very cool and quite easy to set up and use..

Untangle goes a step further than this: to the basic router capability is added firewall, VPN, antivirus scanning, privacy filter, ad filter, spam filter, captive page and much much more.  The best part is that most of this is free, you can download a bunch of apps and install these (this is point and click, so no Linux knowledge is required).

So how does it work, is it a proxy or is it a gateway or what?  Well, once installed you set the LAN NIC IP as the default gateway and voilà, all traffic is now filtered against malware, virus, spam, privacy concerns and what not..

I set up my Untangle box as a Hyper-V machine on my Windows 2008 R2 server, gave it 640 MB RAM and two CPUs and a 120 GB hard drive (of which it is now using approx. 6-7 GB).

Once installed you configure everything via the web interface (not on the box itself if you use Hyper-V, but on your own PC);

So a few notes on installing the app as a hyper-v virtual server;

  • Obvious disadvantages: you will never be able to install the Hyper-V additions into the Linux box, thus no mouse ever, which leaves the user interface on the installed box useless.
  • I had to run the installation 4-5 times before I succeeded, don't know why it failed but it was as if the installer just stalled during the installation, thus I suggest you take a snapshot once you manage to install the basic system (now you can always revert to here).

Ok, let me just give you the quick tour of installing the thing, it is not a complete guide (so no screenshots and some obvious steps may be omitted, but if you know a bit of Hyper-v’ing it should not be too hard);

1. Download the Untangle install CD from; http://www.untangle.com/Downloads/Download-ISO

2. Create a new Hyper-V machine (I suggest 640mb ram, 2 cpu’s), replace the NIC with two legacy NIC’s (required to work), an IDE drive – I used a dynamic drive of 120gb but I think performance may be better if you set a static drive of perhaps 20gb, mount the downloaded ISO as the CD rom. Tweaks; you can stick to one legacy NIC if you do not plan to use the box as a firewall (eg. if you have a HW firewall in your ISP router etc), some things will not work with only one nic but most will.

3. Start the system and select the Text based installer (as you have no mouse in hyper-v), I seemed to have better luck with the advanced installer..  You should set static IP’s so decide on two IP’s before getting started.

4. Once the installation is complete switch to your browser and connect to the IP you set as the LAN side during install

5. Take a snapshot of your Hyper-V machine.

6. Now download the “open source pack”, on the left of the interface.

7. Configure the different modules, I suggest you disable/turn off the firewall, anti spam, PG, intrusion prevention features (unless you plan on using the device as your main router) as this will speed up performance.

8. Now set the LAN NIC IP as your default gateway on your pc (or on your DHCP server)

You can even set up a captive page, this will require people to have a password in order to access the Internet quite cool – sadly it does not support limiting bandwidth, download ratios etc. but well it’s still cool.

Don’t worry if your first or second install fails, as mentioned I had to do multiple installs before it succeeded, but now it runs fairly smooth.  I have experienced that the web-interface was unavailable (network still worked, but I could not reach the interface), but after a reboot everything was back online.

Read more here; www.untangle.com  –  http://wiki.untangle.com/index.php/Untangle_Server_User’s_Guide

As primarily a Windows admin I get a bit discouraged by products like Nagios – although it’s definitely a cool product, installing it seems complex, and with little knowledge of Linux maintaining it even more so.

So are there any Windows (free) alternatives out there?

Yes, and probably more than one, however are there any open source/free versions among these?

I found two;

OpenNMS

http://opennms.org/wiki/Installation:Windows


It claims to run on Windows and have basic capabilities, I have not looked into details so I can’t say just how deep it goes (Nagios supports SNMP and very detailed monitoring, OpenNMS at a glance seems more like superficial monitoring).  Anyway, it’s free and may just be enough for you, so take a look at it.

Demo available at;
http://demo.opennms.org/opennms/index.jsp
user and password are both “demo”

SpiceWorks

http://www.spiceworks.com

I actually tested this once (a previous version), it is quite fine for smaller sites (and seems more extensive than OpenNMS), but when it comes to WAN connected sites it seems a bit heavy (works without agents installed).  Then again, it’s free and this one is quite easy to set up and manage.

Yet other alternatives (non-Windows though) are;
http://www.zenoss.com/
http://www.zabbix.com/

And this one that seems commercial;
http://www.groundworkopensource.com/

Ever heard about ARP spoofing or man in the middle attacks?  If not then this may not be for you, but if on the other hand “Yes” then here is a tool for you..

Our pal Irongeek has released this nifty small util “DecaffeinatID:” that will sit in your tray until it detects something nasty going on (like eg. attempted ARP spoofing of your default gateway) and then raise hell and bells to warn you.

Basically what it does is monitor the MAC address of your default gateway; if this for some reason changes (which it never should) you will be warned and can take precautions.

Besides this ARP ‘shield’ the util offers a few other nifty security tricks, anyway check it out at;
http://www.irongeek.com/i.php?page=security/decaffeinatid-simple-ids-arpwatch-for-windows
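
The same gateway-MAC check, as an added PowerShell example (not DecaffeinatID's code): it parses `arp -a` output and compares the gateway's MAC against a known-good baseline. The gateway IP, baseline MAC and sample ARP table are constructed, and the example goes one step beyond the description above by also listing other IPs that now share the gateway's MAC.

```powershell
# Added example. Gateway IP, baseline MAC and the sample table are constructed.
function Get-ArpTable {
    param([string[]]$ArpOutput)
    $table = @{}
    foreach ($line in $ArpOutput) {
        # Rows look like: "  192.168.1.1   00-11-22-33-44-55   dynamic"
        if ($line -match '^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s') {
            $table[$Matches[1]] = $Matches[2].ToLower()
        }
    }
    return $table
}

function Test-GatewayMac {
    param([string[]]$ArpOutput, [string]$GatewayIp, [string]$BaselineMac)
    $table = Get-ArpTable -ArpOutput $ArpOutput
    if (-not $table.ContainsKey($GatewayIp)) {
        return New-Object psobject -Property @{ Status = 'NoEntry'; Mac = $null; SameMac = @() }
    }
    $mac = $table[$GatewayIp]
    $status = 'OK'
    $same = @()
    if ($mac -ne $BaselineMac.ToLower()) {
        $status = 'CHANGED'
        # Another host answering with the same MAC is the usual companion sign
        $same = @($table.Keys | Where-Object { $_ -ne $GatewayIp -and $table[$_] -eq $mac })
    }
    return New-Object psobject -Property @{ Status = $status; Mac = $mac; SameMac = $same }
}

# Constructed sample: the gateway entry no longer matches the baseline.
$sample = @(
    'Interface: 192.168.1.20 --- 0xb',
    '  Internet Address      Physical Address      Type',
    '  192.168.1.1           66-77-88-99-aa-bb     dynamic',
    '  192.168.1.35          66-77-88-99-aa-bb     dynamic'
)
Test-GatewayMac -ArpOutput $sample -GatewayIp '192.168.1.1' -BaselineMac '00-11-22-33-44-55'

# Live use: Test-GatewayMac -ArpOutput (arp -a) -GatewayIp <gateway IP> -BaselineMac <known MAC>
```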

If you are a sysadmin, then you know the problem with services of vital equipment that keep failing every now and again!?  So what do you do?  Wait for the users to start calling, buy an expensive monitoring solution or just do some simple scripting?

Well I’ll just give you a quick brief on how to setup the cheap (free) scripted solution that will help keep your users happy and the services running.

I was inspired by an article at; http://www.intelliadmin.com/index.php/2010/01/get-notified-when-a-service-fails/
which was quite cool except he relies on a third party utility for mailing AND he does not relaunch the service..   I have chosen to create a VBS script that will E-Mail AND re-launch the failed service in one sweep.

Ok here goes.

  • First of all log on to the server/workstation in question (the machine where the service is running).
  • Download my vbs script here  (you may need to rightclick and choose save as)
  • Modify this part of the script in notepad with your details (smtp server, email address etc)
  • Save the file to somewhere on the C drive (I usually use “c:\windows\schedule”)
  • Now enter “Computer management” (right click on My Computer and choose “Manage”)
  • Select the service you wish to modify/monitor and double click it
  • Modify the service as follows (you will need to modify this if you use another location for the script)
    You will note that I set the script to run at the “second fail” not the first, you can set it to run at the “first fail” if you like – to avoid being bombarded I just chose to first be informed the second time a service fails.
  • The service name (described in the script) is NOT the displayname, it is the REAL name of the service, you can find this here;

And voilà you are done, from now on you will get an E-Mail every time a service has failed twice (or the first time if you prefer)..  It’s all very basic but neat.
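
A PowerShell script of the same shape, as an added example (this is not the author's VBS script, which is not reproduced on this page): it restarts the service named on the command line and mails the outcome. The SMTP server, mail addresses and script file name are placeholders.

```powershell
# Restart-FailedService.ps1 (hypothetical file name) - added example.
# Recovery tab, "Run a Program":
#   Program:    powershell.exe
#   Parameters: -NoProfile -File C:\windows\schedule\Restart-FailedService.ps1 -ServiceName <real service name>
# The execution policy must allow local scripts. Recovery programs run as
# LocalSystem, so keep the script where only administrators can write.
param([Parameter(Mandatory = $true)][string]$ServiceName)

# Placeholders: replace with your own mail settings.
$SmtpServer = 'smtp.example.com'
$From       = 'servicewatch@example.com'
$To         = 'admin@example.com'

try {
    $svc = Get-Service -Name $ServiceName -ErrorAction Stop
    if ($svc.Status -ne 'Running') {
        Start-Service -Name $ServiceName -ErrorAction Stop
        # Throws if the service is not running again within 30 seconds
        $svc.WaitForStatus('Running', [TimeSpan]::FromSeconds(30))
    }
    $outcome = 'is running again'
}
catch {
    $outcome = "could NOT be restarted: $($_.Exception.Message)"
}

$subject = "[$env:COMPUTERNAME] Service '$ServiceName' failed and $outcome"
$body    = "{0}`r`nTime: {1}" -f $subject, (Get-Date)
Send-MailMessage -SmtpServer $SmtpServer -From $From -To $To -Subject $subject -Body $body
```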

If you have ever worked with Microsoft ISA server you may have heard of “GFI WebMonitor”. “GFI WebMonitor” is an add-on to the ISA server (it also exists as a standalone server application) that allows for malware and virus scanning along with traffic analysis and extended logging of HTTP traffic, thus protecting workstations against ‘drive by infections’ and other script dangers while surfing.

The news part is that GFI now offers a freeware version; the freeware version is however limited to logging and statistics, thus the malware and virus protection is turned off in the freeware version after 30 days.  But still the logging and statistics functionality is not half bad for free.

So if you are looking for traffic logging and analysis this may be worth a look.

Get it here;
http://www.gfi.com/internet-monitoring-software

Are your DNS settings configured for optimal performance?  Don’t know?  Well www.grc.com has released a DNS benchmarking utility that will not only test your configured DNS servers but also check a bunch of known DNS servers and thus provide you with a diagram of which servers perform best for you. Along with this, DNS servers are also tested for known security problems.

The tool is not ‘officially’ released as the documentation is not yet ready, but the tool is available for download and usage nevertheless;

http://www.grc.com/dns/benchmark.htm  (please note the download link at the top does not work, use the one at the bottom “Download a copy to your computer“)